The Australian Securities and Investments Commission (ASIC) has issued a legislative instrument confirming it will not be mandatory for smaller not-for-profits and charities to implement a whistleblower policy in connection with Australia’s new whistleblower protection regime that came into effect on 1 July 2019.

Public companies, large proprietary companies and proprietary companies that are trustees of registrable superannuation entities are required by law to implement a whistleblower policy following amendments to the Corporations Act 2001 (Cth) as part of a suite of whistleblower protection reforms. Under the new laws it is an offence of strict liability (subject to financial penalty) for these organisations not to have a whistleblower policy on or before 1 January 2020.

Given that not-for-profits and charities often operate under the structure of a public company limited by guarantee, concerns were raised that it would be too onerous to require these entities to comply with the mandatory whistleblower policy requirement.

ASIC has since quelled these concerns after public consultation on the subject by issuing ASIC Corporations (Whistleblower Policies) Instrument 2019/1146 on 13 November 2019, which provides an exemption from the strict requirement to implement a whistleblower policy for ‘eligible public companies’.

Under the instrument issued by ASIC, an entity is an eligible public company that is not required to implement a whistleblower policy if the company:

(a) is a public company limited by guarantee

(b) is operated on a not-for profit basis

(c) is not the trustee of a registrable superannuation entity

(d) has a consolidated revenue of less than $1 million for each financial year.

If an eligible public company’s consolidated revenue for a financial year exceeds $1 million in any financial year, it will no longer be able to claim the exemption in subsequent financial years.

This exemption is intended to lighten the administrative burden for small not-for-profit and charitable companies, however, the instrument does not exempt these organisations from the general application of the whistleblower protection regime. These entities will still be required to comply with other requirements to protect whistleblowers under the new laws, such as the requirement to maintain the confidentiality of the identity of a whistleblower and a requirement not to subject a whistleblower to detriment (or allow a whistleblower to be subjected to detrimental conduct).

The instrument provides welcome relief to charities and not-for-profits from the mandatory requirement to implement a whistleblower policy. The obligation to have a compliant whistleblower policy remains in place for all other public companies, large proprietary companies and proprietary companies that are trustees of registrable superannuation entities.

Given the breadth of the whistleblower protection regime, we recommend that any organisation that is not strictly required to implement a whistleblower policy adopts an appropriate whistleblower policy setting out the company’s system for managing whistleblower reports, protecting the confidentiality of whistleblowers and preventing detrimental conduct. A whistleblower policy will provide the organisation with an appropriate framework for receiving and handling whistleblower complaints in compliance with the whistleblower protection regime.